Hack Attack: RSA And Sony, In A Tie
RSA, makers of the SecurID two-factor authentication technology that is core to the security strategies of hundreds of enterprises, found out in March that
even core security technologies can be compromised. As
Dark Reading's Tim Wilson says of the attack, "the very foundation of tokens and authentication is shaken, not to mention one of the oldest and most respected security companies." RSA found itself in the position of explaining to customers that a strong security organization can be taken down by a sophisticated attack. In October, RSA chief Arthur Coviello
pinned blame for the advanced persistent threat attack on a nation state, without naming names. Even now, security experts
continue to speculate just what SecurID data was nabbed, because parent company EMC has not disclosed full details.
On the flipside of the coin, Sony's less sophisticated security strategy was defeated with ease, beginning in April, Wilson notes. Breaches affected millions of customers' personal data and touched the PlayStation Network, the Qriocity streaming video and music service, and SonyPitcures.com.
Sony was hacked "multiple times from multiple vectors by multiple attackers, and it didn't even seem to be difficult. Even the attacker commented on it," Wilson said. In September, Sony hired its first chief information security officer, former Homeland Security official and Microsoft exec Philip Reitinger, as InformationWeek's J. Nicholas Hoover reported. --Laurianne McLaughlin
Recommended Reading
10 Android App Flops
My Mistake: 10 CIOs Share Do-Over Worthy Moments
VMware Pricing Controversy: Exclusive User Research
Office 365 Vs. Google Apps: Top 10 Enterprise Concerns
10 Lessons Learned By Big Data Pioneers
Lenovo Takes On 7 Rivals: Tablet Faceoff
InformationWeek Analytics Presents: The Best of Interop 2011
IT Salaries: 9 Ways We've Changed (Or Not) From 2001's Heyday
